CVE-2025-68717
Authentication Bypass in KAYSUS KS-WR3600 Router Firmware Allows Privilege Escalation
Publication date: 2026-01-08
Last updated on: 2026-02-02
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kaysus | ks-wr3600 | 1.0.5.9.1 |
| kaysus | ks-wr3600_firmware | 1.0.5.9.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1, allowing an authentication bypass during session validation. If any user is logged in, certain endpoints like /cgi-bin/system-tool accept unauthenticated requests even with empty or invalid session values. This flaw enables attackers to piggyback on another user's active session to access sensitive configuration data or perform privileged actions without needing to authenticate.
How can this vulnerability impact me? :
The vulnerability can allow attackers to gain unauthorized access to sensitive router configuration data and execute privileged actions without authentication. This can lead to compromise of network security, unauthorized changes to device settings, potential disruption of network services, and exposure of sensitive information.